A phone app used to mobilise voters to support Donald Trump, the Brexit movement in the UK, the anti-abortion campaign in Ireland and the National Rifle Association in the United States is being deployed in Australia's federal election campaign.

Key points:

Users earn points by watching videos, donating and sharing content and political messages with contacts via the app

Right-leaning Australian Taxpayers Alliance says it creates a "safe space" for its supporters

Privacy experts warn users to check what permissions they give apps

The right-leaning Australian Taxpayers Alliance (ATA), which describes itself as a non-partisan grassroots activist group, formally launched its app featuring the "Stop Shorten" slogan this week.

Built by US app developer uCampaign, the platform gamifies political activism — encouraging users to share ATA social media posts and invite friends to earn points.

Near identical versions of the app are also used by the Australian Conservatives and the Australian Christian Lobby, while anti-gay marriage group Marriage Alliance rolled out the tool during the marriage equality plebiscite.

uCampaign chief executive Thomas Peters claimed its use during the 2016 Donald Trump presidential campaign was able to influence outcomes in tight states with 150,000 users downloading the app by election day.

"They had performed 1.2 million actions and in the final seven weeks, that included 300,000 of these peer-to-peer, get-out-the-vote messages, targeting persuadable voters in swing states," he said during a speech to the American Association of Political Consultants in April last year.

"They can use the app to spread the message to their own social media channels, to their own texts, their own emails," he said.

"And the points that you get, you can then trade these for, you know, things like merchandise, T-shirts."

The security of voter data has become a growing concern globally, as political parties and lobby groups roll out digital campaign strategies that collect databases of sensitive contact and demographic information.

The ATA app requests escalating permissions, including the ability to read, add to, and modify the user's calendar, take photos and videos, read contacts, control the phone's vibration function and access the phone's precise GPS location.

Mr Marar said the app makes these requests so the group can send users push alerts on their phone as the election unfolds.

However, the managing director of IT firm PivotNine, Justin Warren, said the information collected by the ATA app could be quite personal — especially the smartphone's contact list.

"And more to the point, it's not yours in many cases," he said.

"The contact information is about your friends, family, people who you know.

"Speaking purely personally, I wouldn't touch this app with a 12-foot pole."

Mobile phone mined for contacts

Past iterations of uCampaign apps have claimed to make extensive use of users' mobile contacts.

In a 2016 blog post about America First, its pro-Donald-Trump app built using uCampaign, the firm's chief executive, Thomas Peters, explained that asking users to share Facebook and contact information helped the group comb through a "network of over 3 million contacts".

Mr Peters also described how the app was used to engage voters and encourage them to watch videos and share "Vote Leave" messages to their social media accounts during the Brexit Campaign.

"The app prompted activists to go through their entire phone address book and send everyone a pre-written message explaining why they intended to vote LEAVE," he wrote.

How is Australian data protected?

uCampaign is owned by Washington DC-based company Political Social Media LLC, which has previously been accused of operating with terms and conditions that would allow user data to be shared with an international network of conservative and religious groups.

In May 2018, BuzzFeed reported two apps developed by the company as part of Ireland's anti-abortion campaign contained privacy policies that would allow personal information to be passed on to "organisations, groups, causes, campaigns, political organisations, and our clients that we believe have similar viewpoints, principles or objectives as us".

The US privacy terms linked to by the ATA app does not contain this permission — the policy appears to have been updated in 2018 to remove it, and now states no data is shared between uCampaign clients.

Mr Marar maintained user information was not shared, "with any third parties, advocacy groups, political parties, businesses or any other party nor may it be used by uCampaign".

However, the current policy also states information users provide may be used for "personalised advertising and marketing", while aggregate user statistics and demographic information may be shared with third parties.

Mr Marar also said, despite the app's privacy policy failing to state where data is stored, that all user data is held locally on secure servers.

Voter database a 'privacy powder keg'

Concerns have been raised more broadly about how Australian electoral data is being used during the campaign.

While the ATA is a lobby group, Australian political parties are exempt from the Privacy Act, which means there are few controls over what they do with voter information.

This is "privacy powder keg", according to Adam Molnar, a cybersecurity researcher at Deakin University.

"This means that, for the most part, Australians are unable to learn about what information these companies have, they forgo an ability to access and correct any data, or to even remove themselves from these vast databases," he said in an email.